Skip to content
SecTepe Mit Sicherheit gut aufgestellt!
DE
All products
EU-native GRC Platform

SecTepe.Core – ISMS, GRC & Compliance in one place

SecTepe.Core is a self-hosted, EU-native platform for compliance management, information security management systems and risk management. With AI-powered automation, eIDAS signatures and full data sovereignty, it supports mid-sized to large enterprises across NIS2, GDPR, ISO 27001:2022, BSI IT-Grundschutz, SOC 2, HIPAA and PCI DSS.

Request a demo

Supported frameworks

  • NIS2
  • GDPR
  • ISO 27001:2022
  • BSI IT-Grundschutz
  • SOC 2
  • HIPAA
  • PCI DSS
  • DORA

Modules & core capabilities

Everything you need for compliance, ISMS and security management – in a single platform.

Multi-framework assessments

Automated gap analyses, maturity models and roadmap generation across all supported frameworks.

Learn more

ISMS management

Asset lifecycle, risk register, policy management, control monitoring and audit collaboration.

Learn more

AI automation

Policy generation, RAG audit assistant, STRIDE threat modeling – fully self-hostable without external AI providers.

Learn more

Enterprise authentication

WebAuthn/FIDO2 hardware keys, SAML 2.0 / OIDC SSO, MFA, eIDAS-compliant digital signatures.

Learn more

White-label trust center

Self-hosted public compliance portal with custom domains, status pages and certificate showcase.

Learn more

Threat intelligence & CTI

Malware analysis suite with YARA, Capa, ClamAV, MWDB and AssemblyLine – including MISP and OpenCTI integration.

Learn more

OnlyOffice collaboration

Real-time document editing with versioning and a complete audit trail – GDPR-compliant, on-premise.

Learn more

Framework change management

Automatic detection of framework updates, impact analysis and reassessment workflows.

Learn more

Supplier & vendor portal

Structured third-party risk management with self-service questionnaires and evidence upload.

Learn more

Technology & architecture

SecTepe.Core is built on a modern, cloud-native stack and can be deployed flexibly via Docker or Kubernetes (Helm) – on-premise or in your private cloud.

  • • Frontend: React 19 + TypeScript, Tailwind CSS
  • • Backend: Node.js / Express, PostgreSQL (Prisma ORM)
  • • Storage: MinIO (S3-compatible), Redis caching
  • • Security: Helmet, CSP, rate limiting, hardened CORS
  • • Integrations: ServiceNow, Jira, Confluence, Odoo, HubSpot, AWS, Azure, GCP

Why SecTepe.Core?

  • Data sovereignty: 100% EU hosting, no US cloud dependency.
  • Cost advantage: Typically 40–60% less than Vanta / Drata.
  • No vendor lock-in: Open APIs, export formats, open-source core components.
  • EU-native AI: Self-hosted LLMs possible – no data leaks to US providers.

Ready for compliance by design?

Talk to us about SecTepe.Core and discover how to take your ISMS and compliance processes to the next level.

Book a free demo